Former L3Harris executive ordered to pay $10 million for selling classified hacking tools to Russian broker

A former high-ranking executive at a major US defense contractor has been ordered to pay $10 million in restitution after pleading guilty to selling advanced hacking tools to a Russian broker. Peter Williams, once the general manager of L3Harris’s Trenchant division, was sentenced for stealing trade secrets and selling hacking tools that could have compromised millions of devices worldwide.

The $10 million restitution order and its implications

On Wednesday, a federal judge ordered Williams to pay $10 million to his former employer, L3Harris. This amount comes on top of $1.3 million he had already been ordered to pay. The case, first reported by veteran cybersecurity journalist Kim Zetter, underscores the severe consequences of insider threats in the defense sector.

Williams, a 39-year-old Australian citizen and former intelligence agency employee, admitted to stealing seven trade secrets—likely cyber exploits and surveillance technology—from Trenchant. He then sold this sensitive material to Operation Zero, a Russian firm that acts as a broker for hacking tools and works exclusively with the Russian government and local companies.

How the theft unfolded: Inside the Trenchant division

Trenchant, formed from the acquisition of two sister startups, is L3Harris’s division specializing in advanced spyware and hacking tools. It sells these capabilities to the US government and its Five Eyes intelligence alliance partners—Australia, Canada, New Zealand, and the United Kingdom.

Williams exploited his privileged full access to Trenchant’s internal network to siphon out the tools. He made $1.3 million from the sale, spending the proceeds on luxury watches, a house near Washington, D.C., and family vacations. Trenchant reported losses of up to $35 million due to his theft.

Russian and Chinese cybercriminals used the stolen tools

US prosecutors stated that Williams betrayed the United States and its allies by providing Operation Zero—described as one of the world’s most nefarious exploit brokers—with tools that could hack millions of computers. According to former L3Harris employees, some of these stolen hacking tools were later used by Russian government spies in Ukraine and Chinese cybercriminals.

Google’s cybersecurity research identified the stolen code in cyberattacks, confirming the tools’ deployment. Williams even attempted to frame one of his employees for the theft, adding another layer of deceit to his crimes.

Sentencing and legal consequences

Williams pleaded guilty and received a prison sentence of more than seven years. The $10 million restitution order aims to compensate L3Harris for its losses. His lawyers did not respond to requests for comment.

This case serves as a stark reminder of the risks posed by insider threats in the defense industry. For more on cybersecurity risks, read about insider threat prevention strategies. Additionally, explore how government cybersecurity measures are evolving to counter such espionage.

Building on this, companies must strengthen their internal security protocols to prevent similar breaches. As a result, the defense sector is now reviewing access controls and monitoring systems more rigorously.